Ensure that all your AWS WorkSpaces instances are healthy (i.e. the instances state is set to "Healthy"). The AWS WorkSpaces service periodically sends status requests to the WorkSpaces instances. An instance is pronounced unhealthy when it fails to respond to these HealthCheck requests.
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Any AWS WorkSpaces instance that doesn't respond to the service health checks is considered unhealthy and inoperable. Common causes for this issue are: blocking network ports that prevents the instance from responding to the HealthCheck (status) requests, high CPU usage that prevents the instance from responding in a timely manner, preventing a secure channel from being established between the WorkSpaces service and the instance due to configuration changes, etc.
To determine if there are any unhealthy Amazon WorkSpaces instances available in your AWS account, perform the following:
Remediation / Resolution
Case A: To reboot an unhealthy AWS WorkSpaces instance, perform the following commands:Note: The reboot command performs a shutdown and a restart of the WorkSpaces instance. The user data, the operating system (OS) and the system settings are not affected.
Case B: To rebuild an unhealthy AWS WorkSpaces instance, perform the following commands:Note: The rebuild command will rebuild the operating system (OS) installed on the selected AWS WorkSpaces instance to its original state. The OS is restored to the most recent image of the bundle that the instance is created from. IMPORTANT: Any applications that have been installed, or system settings that have been made after the WorkSpaces instance was created are lost.
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
You are auditing:
WorkSpaces Operational State
Risk level: Medium